diff --git a/docs/element.md b/docs/element.md index 722bac1..c1ac947 100644 --- a/docs/element.md +++ b/docs/element.md @@ -1,18 +1,22 @@ # Required variables -These variables are required. Example values included. Some general variables might also be required for this role. +These variables are required. Example values included. ``` ports: element_http: 8080 +element_domains: # not required if reverse_proxy_type is set to none + - chat.domain.tld + - element.domain.tld + matrix_domain: domain.tld matrix_server_domain: matrix.domain.tld ``` +# Optional variables These variables are optional and have the following default values: ``` matrix_external_url: https://{{ matrix_server_domain }} -reverse_proxy_type: caddy jitsi_domain: jitsi.riot.im ``` diff --git a/docs/general.md b/docs/general.md index 62c047f..7f053e8 100644 --- a/docs/general.md +++ b/docs/general.md @@ -1,6 +1,13 @@ # Required variables -These variables are required by some roles. Example values included. +These variables are required by multiple roles. Example values included. ``` timezone: 'Europe/Helsinki' ``` + +# Optional variables +These variables are used by multiple roles and have the following default values: + +``` +reverse_proxy_type: caddy # Allowed values: caddy, traefik, none +``` diff --git a/docs/jitsi.md b/docs/jitsi.md index ec4415e..78ab82c 100644 --- a/docs/jitsi.md +++ b/docs/jitsi.md @@ -5,5 +5,5 @@ These variables are required. Example values included. Some general variables mi ports: jitsi_http: 8080 -jitsi_external_url: 'https://jitsi.domain.tld' +jitsi_domain: 'jitsi.domain.tld' ``` diff --git a/galaxy.yml b/galaxy.yml index 77b2746..b007684 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -2,11 +2,11 @@ namespace: uumas name: docker -version: 0.3.1 +version: 0.4.0 readme: README.md repository: https://git.uumas.fi/uumas/ansible-docker license_file: LICENSE dependencies: - uumas.general: '>0.3.0' + uumas.general: '>=0.5.0' authors: - uumas diff --git a/roles/element/meta/main.yml b/roles/element/meta/main.yml index adf75a3..0687a69 100644 --- a/roles/element/meta/main.yml +++ b/roles/element/meta/main.yml @@ -2,5 +2,8 @@ dependencies: - docker - - role: uumas.general.caddy - when: reverse_proxy_type == 'caddy' + - role: uumas.general.reverse_proxy + vhost_id: element + vhost_domains: "{{ element_domains }}" + proxy_target: http://127.0.0.1:{{ ports.element_http }} + when: reverse_proxy_type != 'none' and reverse_proxy_type != 'traefik' diff --git a/roles/element/tasks/main.yml b/roles/element/tasks/main.yml index 8fbb984..d5461ac 100644 --- a/roles/element/tasks/main.yml +++ b/roles/element/tasks/main.yml @@ -25,15 +25,3 @@ dest: "{{ element_config_volume.Source }}/config.json" mode: '644' -- name: Add caddy reverse proxy config - blockinfile: - path: /etc/caddy/Caddyfile - marker: "# {mark} ANSIBLE MANAGED BLOCK element" - block: | - element.{{ domain }} chat.{{ domain }} { - reverse_proxy http://127.0.0.1:{{ ports.element_http }} - } - validate: 'caddy validate --config %s --adapter caddyfile' - backup: true - notify: reload caddy - when: reverse_proxy_type == 'caddy' diff --git a/roles/jitsi/meta/main.yml b/roles/jitsi/meta/main.yml index c1fee78..9562144 100644 --- a/roles/jitsi/meta/main.yml +++ b/roles/jitsi/meta/main.yml @@ -2,4 +2,9 @@ dependencies: - docker - - uumas.general.caddy + - role: uumas.generaldev.reverse_proxy + vhost_id: jitsi + vhost_domains: + - "{{ jitsi_domain }}" + proxy_target: http://127.0.0.1:{{ ports.jitsi_http }} + when: reverse_proxy_type != 'traefik' diff --git a/roles/jitsi/tasks/main.yml b/roles/jitsi/tasks/main.yml index 6a464ea..947c53c 100644 --- a/roles/jitsi/tasks/main.yml +++ b/roles/jitsi/tasks/main.yml @@ -4,17 +4,25 @@ docker_network: name: meet.jitsi +- name: Set jitsi meet web published ports variable + set_fact: + jitsi_web_published_ports: ["127.0.0.1:{{ ports.jitsi_http }}:80"] + when: reverse_proxy_type != 'traefik' + +- name: Include traefik vars + include_vars: traefik.yml + when: reverse_proxy_type == 'traefik' + - name: Jitsi meet web docker_container: name: 'jitsi_meet_web' image: 'jitsi/web:latest' pull: true container_default_behavior: no_defaults - published_ports: - - "127.0.0.1:{{ ports.jitsi_http }}:80" + published_ports: "{{ jitsi_web_published_ports | default(omit) }}" env: DISABLE_HTTPS: '1' - PUBLIC_URL: "{{ jitsi_external_url }}" + PUBLIC_URL: "https://{{ jitsi_domain }}" TZ: "{{ timezone }}" ENABLE_PREJOIN_PAGE: '1' ENABLE_REQUIRE_DISPLAY_NAME: '1' @@ -25,6 +33,7 @@ XMPP_DOMAIN: meet.jitsi XMPP_AUTH_DOMAIN: auth.meet.jitsi XMPP_MUC_DOMAIN: muc.meet.jitsi + labels: "{{ jitsi_traefik_labels.web | default(omit) }}" restart_policy: always networks: - name: meet.jitsi @@ -52,7 +61,7 @@ pull: true container_default_behavior: no_defaults env: - PUBLIC_URL: "{{ jitsi_external_url }}" + PUBLIC_URL: "https://{{ jitsi_domain }}" TZ: "{{ timezone }}" ENABLE_LOBBY: '1' ENABLE_BREAKOUT_ROOMS: '1' @@ -106,7 +115,7 @@ - "{{ ports.jitsi_jvb | default(10000) }}:10000/udp" - "{{ ports.jitsi_jvb_tcp | default(4443) }}:4443" env: - PUBLIC_URL: "{{ jitsi_external_url }}" + PUBLIC_URL: "https://{{ jitsi_domain }}" TZ: "{{ timezone }}" JVB_PORT: '10000' JVB_TCP_PORT: '4443' @@ -124,14 +133,3 @@ aliases: - meet.jitsi -- name: Add caddy reverse proxy config - blockinfile: - path: /etc/caddy/Caddyfile - marker: "# {mark} ANSIBLE MANAGED BLOCK jitsi" - block: | - {{ jitsi_external_url }} { - reverse_proxy http://127.0.0.1:{{ ports.jitsi_http }} - } - validate: 'caddy validate --config %s --adapter caddyfile' - backup: true - notify: reload caddy diff --git a/roles/jitsi/vars/traefik.yml b/roles/jitsi/vars/traefik.yml new file mode 100644 index 0000000..d71c781 --- /dev/null +++ b/roles/jitsi/vars/traefik.yml @@ -0,0 +1,7 @@ +--- + +jitsi_traefik_labels: + web: + traefik.enable: 'true' + traefik.http.routers.jitsi.rule: "Host(`{{ jitsi_domain }}`)" + traefik.http.routers.jitsi.tls.certresolver: 'le'